CVE-2026-5623

CVE-2026-5623 affects hcengineering Huly Platform 0.7.382, specifically the Import Endpoint in file server/front/src/index.ts. The vulnerability enables server-side request forgery (SSRF) through manipulation of the indicated component, with remote exploitability. Public exploit exists; disclosur...

CVE-2026-5622 hcengineering Huly Platform JWT Token token.ts hard-coded key

A vulnerability was determined in hcengineering Huly Platform 0.7.382. Affected by this issue is some unknown functionality of the file foundations/core/packages/token/src/token.ts of the component JWT Token Handler. This manipulation of the argument SERVERSECRET with the input secret causes use ...

CVE-2026-5618

A vulnerability was detected in kalcaddle kodbox up to 1.64. This affects an unknown function of the component shareMake/shareCheck. Performing a manipulation of the argument siteFrom/siteTo results in server-side request forgery. The attack is possible to be carried out remotely. The complexity ...

CVE-2026-5616

A security vulnerability has been detected in JeecgBoot 3.9.0/3.9.1. The impacted element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/airag/JeecgBizToolsProvider.java of the component AI Chat Module. Such manipulation leads to...

CVE-2026-5620

CVE-2026-5620 affects itsourcecode Construction Management System 1.0. The vulnerable element is an unknown function in the file /borrowed_equip_report.php within the Parameter Handler component. Manipulating the argument Home leads to a SQL injection . It can be exploited remotely, and the explo...

CVE-2026-5620 itsourcecode Construction Management System Parameter borrowed_equip_report.php sql injection

A vulnerability has been found in itsourcecode Construction Management System 1.0. Affected is an unknown function of the file /borrowedequipreport.php of the component Parameter Handler. The manipulation of the argument Home leads to sql injection. It is possible to initiate the attack remotely...

EUVD-2026-19154

A vulnerability was identified in Belkin F9K1015 1.00.10. This issue affects the function formReboot of the file /goform/formReboot. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be...

EUVD-2026-19153

A vulnerability was determined in Belkin F9K1015 1.00.10. This vulnerability affects the function formWlEncrypt of the file /goform/formWlEncrypt. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been...

EUVD-2026-19148

A flaw has been found in Tenda i12 1.0.0.113862. Affected by this vulnerability is the function formwrlSSIDset of the file /goform/wifiSSIDset of the component Parameter Handler. This manipulation of the argument index/wlradio causes stack-based buffer overflow. It is possible to initiate the...

EUVD-2026-19152

A vulnerability was found in Belkin F9K1015 1.00.10. This affects the function formCrossBandSwitch of the file /goform/formCrossBandSwitch. Performing a manipulation of the argument webpage results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made...

EUVD-2026-19146

A vulnerability was detected in Belkin F9K1122 1.00.33. Affected is the function formWlanSetup of the file /goform/formWlanSetup. The manipulation of the argument webpage results in stack-based buffer overflow. The attack may be performed from remote. The exploit is now public and may be used. Th...

EUVD-2026-19144

A security vulnerability has been detected in imprvhub mcp-browser-agent up to 0.8.0. This impacts the function CallToolRequestSchema of the file src/handlers.ts of the component URL Parameter Handler. The manipulation of the argument request.params.name/request.params.arguments leads to...

CVE-2026-5611

A vulnerability was found in Belkin F9K1015 1.00.10. This affects the function formCrossBandSwitch of the file /goform/formCrossBandSwitch. Performing a manipulation of the argument webpage results in stack-based buffer overflow. The attack can be initiated remotely. The exploit has been made...

CVE-2026-5612

A vulnerability was determined in Belkin F9K1015 1.00.10. This vulnerability affects the function formWlEncrypt of the file /goform/formWlEncrypt. Executing a manipulation of the argument webpage can lead to stack-based buffer overflow. The attack can be launched remotely. The exploit has been...

CVE-2026-5616 JeecgBoot AI Chat JeecgBizToolsProvider.java missing authentication

A security vulnerability has been detected in JeecgBoot 3.9.0/3.9.1. The impacted element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/airag/JeecgBizToolsProvider.java of the component AI Chat Module. Such manipulation leads to...

CVE-2026-5616

JeecgBoot 3.9.0/3.9.1 contains a vulnerability in the AI Chat Module, specifically an unknown function within JeecgBizToolsProvider.java under jeecg-system-biz. This manipulation results in missing authentication and can be triggered remotely. A patch is identified by the hash b7c9aeba7aefda9e008...

CVE-2026-5616 JeecgBoot AI Chat JeecgBizToolsProvider.java missing authentication

A security vulnerability has been detected in JeecgBoot 3.9.0/3.9.1. The impacted element is an unknown function of the file jeecg-boot/jeecg-module-system/jeecg-system-biz/src/main/java/org/jeecg/modules/airag/JeecgBizToolsProvider.java of the component AI Chat Module. Such manipulation leads to...

CVE-2026-5614

Belkin F9K1015 firmware 1.00.10 contains a vulnerability in the function formSetPassword at /goform/formSetPassword. The manipulation of the argument webpage results in a stack-based buffer overflow, enabling remote exploitation. The exploit is publicly released, and the vendor did not respond to...

CVE-2026-5613 Belkin F9K1015 formReboot stack-based overflow

A vulnerability was identified in Belkin F9K1015 1.00.10. This issue affects the function formReboot of the file /goform/formReboot. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be...

CVE-2026-5613 Belkin F9K1015 formReboot stack-based overflow

A vulnerability was identified in Belkin F9K1015 1.00.10. This issue affects the function formReboot of the file /goform/formReboot. The manipulation of the argument webpage leads to stack-based buffer overflow. The attack may be initiated remotely. The exploit is publicly available and might be...